New Data Protection Survey

Well, the identity theft information overload continues. It appears that corporations regularly lose sensitive data these days. If you do business with companies which require you to provide social security numbers, birthdates, addresses and other confidential information, perhaps you should check out how companies protect this sensitive information in advance. Today I read an article which raised major alarm bells about the likelihood of identity theft for consumers doing business with companies that do not recognize the importance of data protection. According to

[A] survey released this week by Ponemon Institute and Vontu, a San Francisco-based provider of data loss prevention products,

Eighty-one percent of companies surveyed reported the loss of one or more laptops containing sensitive information during the past 12 months, according to the survey, which queried nearly 500 information security professionals.

One of the main reasons corporate data security breaches occur is because companies don’t know where their sensitive or confidential business information resides within the network or enterprise systems, Larry Ponemon, chairman of the Ponemon Institute, said in a statement.

Another problem identified in this survey relates to miniature portable hard disk drives known as “thumb drives.” As these small portable disk drives become able to store more and more data, they can also become a source of data and identity theft. Because these storage devices can store sensitive information and are easily portable, if stolen, they can cause quite a headache for companies and consumers alike. Although they can be stolen quite easily,

[S]torage devices are small and cheap. Many employees do not report them missing as they would a laptop.

“It’s like losing a pen,” says Gartner Research analyst Avivah Litan.

Two-thirds of 248 tech security professionals who use removable media devices say they have no security policy even though they are aware of the risks, according to researcher Pointsec.

So the moral of this store is that the time you do business with a corporation requiring you to provide confidential information, insist that the company provide you with an explanation about how it protects your identity. If you do not get a straight answer, maybe you should think twice about doing business with that company.